OpenPunk/OpenFusion
1
0
Fork 0
mirror of https://github.com/OpenFusionProject/OpenFusion.git synced 2024-11-22 13:30:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Validate cookie data

Browse Source
This commit is contained in:
Gent 2020-09-12 11:41:31 -04:00
parent be99714495
commit 2b1a028b3d
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/CNLoginServer.cpp
View File

@ -30,13 +30,17 @@ void CNLoginServer::handlePacket(CNSocket* sock, CNPacketData* data) {
std::string userPassword((char*)login->szCookie_authid); std::string userPassword((char*)login->szCookie_authid);
/* /*
* The std::string -> char* -> std::string maneuver should remove any * Sometimes the client sends garbage cookie data.
* trailing garbage after the null terminator. * Validate it as normal credentials instead of using a length check before falling back.
*/ */
if (userLogin.length() == 0) if (!CNLoginServer::isLoginDataGood(userLogin, userPassword)) {
/*
* The std::string -> char* -> std::string maneuver should remove any
* trailing garbage after the null terminator.
*/
userLogin = std::string(U16toU8(login->szID).c_str()); userLogin = std::string(U16toU8(login->szID).c_str());
if (userPassword.length() == 0)
userPassword = std::string(U16toU8(login->szPassword).c_str()); userPassword = std::string(U16toU8(login->szPassword).c_str());
}
bool success = false; bool success = false;
int errorCode = 0; int errorCode = 0;